I recently started to learn Ansible, and I thought I would share an easy way I found to learn it.
Ansible has a bunch of modules that can be used to run command on a remote box for you. The goal of Ansible is to bring a machine up to a certain state. For example, if you wanted to install the package “open-vm-tools” in CentOS7 you would SSH into the box as root, and run: `yum -y install open-vm-tools`. With the yum Ansible module, you would have a file that had the line `yum: name=open-vm-tools state=present`.
How do we use the modules? We maintain a file with a list of our servers, we maintain another file with a bunch of the modules to run in order. And then we run an Ansible command that will connect to all the servers and bring them to the desired state. This is a huge simplification of Ansible but it makes it a whole lot easier to understand off the bat. To get a little more advanced there are features that let you group a bunch of modules together in tasks, and then group those tasks into roles. For example, setting up an nginx server might require a handful of different tasks, so you could create a role called “web”. Some of those tasks like configuration file changes might need to trigger a restart of the related service (editing nginx.conf). And what if those configuration files need different IPs/hostnames on each server? The documentation and the Ansible example repository are two great places to start.
The Pros of Ansible for Missouri State’s Enterprise Systems Administration Group
- Saving a huge amount of time when deploying a new server
- Ansible is very human readable for people who know nothing about Ansible
- Ansible will SSH into the desired hosts to do its job. NO AGENTS!
- Configuration files deployed by your Ansible playbooks are all kept in source control. Easily go back and see past changes.
- If the only team member who knows Ansible leaves, the hosts can still be managed normally by hand as always.
Some tips for learning
- Grab Oracle Virtual Box. Spin up a minimum of 3 identical VMs. Snapshot them all.
- Install Ansible on one of them. On that server, create an SSH key for root and transfer the public key to all other VMs.
- On the Ansible server, add all the other VMs to /etc/ansible/hosts.
- Run `ansible all -m ping` (this runs the ping module against all hosts)
- Now create your first ever playbook and run it on your hosts. From this point, you can use the documentation to bring you to new heights.